Home / Security News / Criminals Using New Approach For Hacking WordPress Websites
Criminals Using New Approach For Hacking WordPress Websites

Criminals Using New Approach For Hacking WordPress Websites

Hacking WordPress Websites: The hackers have come with a new method of installing the vulnerable backdoor plugins in websites which is powered by WordPress.

This technique takes the advantage on the weaknesses of WordPress.com accounts and the JetPack Plugin.

This technique is highly hard to compromise a website and the hacker ought to utilize the multiple steps in order to attack the WordPress websites.

The attacks start occurring on May 16 from a report being released by a WordPress Security Firm WordFence.

The first step of this attack includes the Hackers hijacking the usernames and passwords from public data breaches to attempt to login to WordPress accounts of users.

Specially those users who have reused the passwords from different websites and which did not enable the Two-Factor Authentication for their profiles, which is easily breakable to take over the accounts.

JetPack the analytics plugin for wordpress which is the most popular for wordpress sites.

This plugin has the specialty to connect with a self-hosted WordPress site to WordPress.com account and to use the Jetpack panel inside the WordPress.com.

JetPack provides the ability to install various forms of plugins across the different sites by just using wordpress.com Jetpack dashboard.

This plugin allows any criminals to easily upload a ZIP file with the malicious code that can be sent to each site.

Hackers are able to take a huge advantage of this remote management feature to deploy backdoors to earlier secured websites.

Experts also says that on the May 16, the hackers have deployed a plugin name Pluginsamonsters”, later they switched to another plugin name wpsmilepackon May 21.

“Basically the plugin is visible to WordPress Dashboard but invisible on the target wodpress site’s plugin list when active”.

Wordfence Team Said, “If the bloggers find any sort of suspicious activities in their website they should immediately change the password for their WordPress.com Website”.

About Jahanzaib Khan

Jahanzaib Khan is Web Designer & Ethical Hacker. He Who has been working since 2014, and is managing several successful websites on the internet for about 3 years. Jahanzaib-khan.com

Check Also

A screen at Facebook’s developer conference last month. During testing over a few days in May, posts that millions of users thought they were creating only for family and friends were visible to the public, the company said Thursday.CreditJason Henry for The New York Times

Facebook Bug Changed Privacy Settings of Up to 14 Million Users

SAN FRANCISCO— Facebook has been on struggle for various months the perception that it did …

Leave a Reply

Your email address will not be published. Required fields are marked *